CVE-2008-4355 Information

Description

SQL injection vulnerability in showprofil.php in Powie PSCRIPT Forum (aka PHP Forum or pForum) 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

Reference

http://secunia.com/advisories/31872 http://www.securityfocus.com/bid/31150 http://www.vupen.com/english/advisories/2008/2559 https://exchange.xforce.ibmcloud.com/vulnerabilities/45079 https://www.exploit-db.com/exploits/6442